From owner-svn-src-stable@freebsd.org  Sun Nov 25 00:32:24 2018
Return-Path: <owner-svn-src-stable@freebsd.org>
Delivered-To: svn-src-stable@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 86C64113F8B6;
 Sun, 25 Nov 2018 00:32:24 +0000 (UTC)
 (envelope-from emaste@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client CN "mxrelay.nyi.freebsd.org",
 Issuer "Let's Encrypt Authority X3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 2BEF86DBAE;
 Sun, 25 Nov 2018 00:32:24 +0000 (UTC)
 (envelope-from emaste@FreeBSD.org)
Received: from repo.freebsd.org (repo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:0])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 0D04915749;
 Sun, 25 Nov 2018 00:32:24 +0000 (UTC)
 (envelope-from emaste@FreeBSD.org)
Received: from repo.freebsd.org ([127.0.1.37])
 by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id wAP0WNoG047327;
 Sun, 25 Nov 2018 00:32:23 GMT (envelope-from emaste@FreeBSD.org)
Received: (from emaste@localhost)
 by repo.freebsd.org (8.15.2/8.15.2/Submit) id wAP0WNPF047326;
 Sun, 25 Nov 2018 00:32:23 GMT (envelope-from emaste@FreeBSD.org)
Message-Id: <201811250032.wAP0WNPF047326@repo.freebsd.org>
X-Authentication-Warning: repo.freebsd.org: emaste set sender to
 emaste@FreeBSD.org using -f
From: Ed Maste <emaste@FreeBSD.org>
Date: Sun, 25 Nov 2018 00:32:23 +0000 (UTC)
To: src-committers@freebsd.org, svn-src-all@freebsd.org,
 svn-src-stable@freebsd.org, svn-src-stable-12@freebsd.org
Subject: svn commit: r340915 - stable/12/sys/dev/proto
X-SVN-Group: stable-12
X-SVN-Commit-Author: emaste
X-SVN-Commit-Paths: stable/12/sys/dev/proto
X-SVN-Commit-Revision: 340915
X-SVN-Commit-Repository: base
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-Rspamd-Queue-Id: 2BEF86DBAE
X-Spamd-Result: default: False [1.54 / 15.00];
 local_wl_from(0.00)[FreeBSD.org];
 NEURAL_SPAM_LONG(0.61)[0.611,0];
 NEURAL_SPAM_MEDIUM(0.62)[0.623,0];
 ASN(0.00)[asn:11403, ipnet:2610:1c1:1::/48, country:US];
 NEURAL_SPAM_SHORT(0.30)[0.302,0]
X-Rspamd-Server: mx1.freebsd.org
X-BeenThere: svn-src-stable@freebsd.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: SVN commit messages for all the -stable branches of the src tree
 <svn-src-stable.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/svn-src-stable>, 
 <mailto:svn-src-stable-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-src-stable/>
List-Post: <mailto:svn-src-stable@freebsd.org>
List-Help: <mailto:svn-src-stable-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/svn-src-stable>,
 <mailto:svn-src-stable-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 25 Nov 2018 00:32:24 -0000

Author: emaste
Date: Sun Nov 25 00:32:23 2018
New Revision: 340915
URL: https://svnweb.freebsd.org/changeset/base/340915

Log:
  MFC r340771: proto: change device permissions to 0600
  
  C Turt reports that the driver is not thread safe and may have
  exploitable races.
  
  Note that the proto device is intended for prototyping and development,
  and is not for use on production systems.  From the man page:
  
  SECURITY CONSIDERATIONS
      Because programs have direct access to the hardware, the proto
      driver is inherently insecure.  It is not advisable to use this
      driver on a production machine.
  
  The proto device is not included in any of FreeBSD's kernel config files
  (although the module is built).
  
  The issues in the proto device still need to be fixed, and the device is
  inherently (and intentionally) insecure, but it might as well be limited
  to root only.
  
  admbugs:	782
  Reported by:	C Turt <ecturt@gmail.com>
  Sponsored by:	The FreeBSD Foundation

Modified:
  stable/12/sys/dev/proto/proto_core.c
Directory Properties:
  stable/12/   (props changed)

Modified: stable/12/sys/dev/proto/proto_core.c
==============================================================================
--- stable/12/sys/dev/proto/proto_core.c	Sat Nov 24 21:52:10 2018	(r340914)
+++ stable/12/sys/dev/proto/proto_core.c	Sun Nov 25 00:32:23 2018	(r340915)
@@ -196,7 +196,7 @@ proto_attach(device_t dev)
 		case SYS_RES_MEMORY:
 		case SYS_RES_IOPORT:
 			r->r_size = rman_get_size(r->r_d.res);
-			r->r_u.cdev = make_dev(&proto_devsw, res, 0, 0, 0666,
+			r->r_u.cdev = make_dev(&proto_devsw, res, 0, 0, 0600,
 			    "proto/%s/%02x.%s", device_get_desc(dev), r->r_rid,
 			    (r->r_type == SYS_RES_IOPORT) ? "io" : "mem");
 			r->r_u.cdev->si_drv1 = sc;
@@ -204,7 +204,7 @@ proto_attach(device_t dev)
 			break;
 		case PROTO_RES_PCICFG:
 			r->r_size = 4096;
-			r->r_u.cdev = make_dev(&proto_devsw, res, 0, 0, 0666,
+			r->r_u.cdev = make_dev(&proto_devsw, res, 0, 0, 0600,
 			    "proto/%s/pcicfg", device_get_desc(dev));
 			r->r_u.cdev->si_drv1 = sc;
 			r->r_u.cdev->si_drv2 = r;
@@ -212,7 +212,7 @@ proto_attach(device_t dev)
 		case PROTO_RES_BUSDMA:
 			r->r_d.busdma = proto_busdma_attach(sc);
 			r->r_size = 0;	/* no read(2) nor write(2) */
-			r->r_u.cdev = make_dev(&proto_devsw, res, 0, 0, 0666,
+			r->r_u.cdev = make_dev(&proto_devsw, res, 0, 0, 0600,
 			    "proto/%s/busdma", device_get_desc(dev));
 			r->r_u.cdev->si_drv1 = sc;
 			r->r_u.cdev->si_drv2 = r;